Skip to Content

Hitachi Energy Vulnerabilities

Updated on 2023-01-09: Hitachi Energy Vulnerabilities

The US Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control System (ICS) advisories regarding vulnerabilities in Hitachi Energy products. The flaws affect Hitachi Energy UNEM, Hitachi Energy FOXMAN-UN, and Hitachi Energy Lumada Asset Performance Management. Hitachi has addressed the vulnerabilities and urges users to update to the most current versions.


  • Hitachi released the updates in December, and with the holidays you probably haven’t had a chance to deploy them. Ok, let’s go. Also make sure that you’re limiting access to your control systems, monitoring for malicious activity, and for real, DO NOT expose them to the Internet. Have a conversation with your team about what their update cadence is, how they monitor for issues like this, and how access restrictions can be implemented while continuing to meet mission and service expectations. Don’t forget to ask what security model they are using; you may be surprised.


Overview: CISA ICS Advisories on Advantech and Hitachi Products

Earlier this week, the US Cybersecurity and Infrastructure Security Agency (CISA) released two Industrial Control Systems (ICS) advisories regarding severe vulnerabilities in Advantech R-SeeNet and Hitachi Energy APM Edge appliances. The Hitachi advisory is an updated version of an advisory originally released in December 2021.


  • Both advisories contain the phrase “Low attack complexity.” Additionally, the R-SeeNet vulnerability is remotely exploitable. In both cases, not only should you apply the update, but also make sure that you’re only allowing access from authorized devices and users, not directly exposing these devices to the Internet or Intranet, scanning media prior to introduction and monitoring for unexpected activity.


    Ads Blocker Image Powered by Code Help Pro

    It looks like you are using an adblocker.

    Ads keep our content free. Please consider supporting us by allowing ads on